<?php

ob_start();
include_once ('../../utilities.php')

?>
<!DOCTYPE html>
<html>
<head>
	<link rel="stylesheet" type="text/css" href="../../reset.css">
	<link rel="stylesheet" type="text/css" href="../../mainStyle.css">
	<link rel="stylesheet" type="text/css" href="../../searchButton.css">
	<title>Change User Permissions</title>
</head>
<body>

	<div id="container">
		<?php

$root = '../../';
include_once ('../../header.php')

?>
        
		<div id="page-body">
		<?php

if (isset($_POST['submit']))
{ //If fields are set from form
    $myuser = unserialize($_SESSION['User']);
    if ($myuser->getPermissions() == 6)
    {
        //User is Master Admin
        $permission = $_POST['permission'] - 1;
        $id = intval($_POST['users']);
        //Set the permission of the specified user
        $query = "UPDATE Users SET PermissionID=" . $permission . " WHERE UserID = " . $id;
        $registerquery = $mysqli->query($query);
    }
}
if (!empty($_SESSION['LoggedIn']) && !empty($_SESSION['User']))
{ //Form to input info if logged in
    $myuser = unserialize($_SESSION['User']);
    if ($myuser->getPermissions() == 6)
    {

?>
				<p>Change user permissions</p>
				
				<form method="POST" action="./">
					<select name="users" id = "users">
					<?php

        //Show every user in system by name, pass user id as value
        $query = "SELECT * FROM Users";
        $data = $mysqli->query($query);
        if ($data->num_rows != 0)
        {
            while ($arr = $data->fetch_array(MYSQLI_ASSOC))
            {

?>
								<option value="<?php

                echo $arr["UserID"];

?>"> User Name: <?php

                echo $arr["FirstName"] . " " . $arr["LastName"]

?>. </option>
								<?php

            }
        }

?>
					</select><br>
					<input type="radio" name="permission" value="1" />Member<br />
					<input type="radio" name="permission" value="2" />President<br />
					<input type="radio" name="permission" value="3" />Vice-President<br />
					<input type="radio" name="permission" value="4" />Treasurer<br />
					<input type="radio" name="permission" value="5" />Secretary<br />
					<input type="radio" name="permission" value="6" />Web-Admin<br />
					<input type="radio" name="permission" value="7" />Master-Admin<br />
					<input type="submit" name="submit" id="submit" value="Change Permission" />
				</form>
			
			<?php

    } else
    {
        echo "<p> You do not have permission to view this page.</p>";
    }
} else
{

?>
				
		   <p>You must login to view this page.</p>
								
		   <?php

}

?>
		</div>
		
		<?php

include_once ('../../footer.php')

?>
	</div>

</body>
</html>